Menu

Blog

Apr 7, 2023

Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitation

Posted by in category: cybercrime/malcode

Critical security flaws in Cacti, Realtek, and IBM Aspera Faspex are being exploited by various threat actors in hacks targeting unpatched systems.

This entails the abuse of CVE-2022–46169 (CVSS score: 9.8) and CVE-2021–35394 (CVSS score: 9.8) to deliver MooBot and ShellBot (aka PerlBot), Fortinet FortiGuard Labs said in a report published this week.

CVE-2022–46169 relates to a critical authentication bypass and command injection flaw in Cacti servers that allows an unauthenticated user to execute arbitrary code. CVE-2021–35394 also concerns an arbitrary command injection vulnerability impacting the Realtek Jungle SDK that was patched in 2021.

0 comments

Comments are closed.

Tag cloud

aging AI Alzheimer's anti-aging Artificial Intelligence bioquantine bioquark biotech biotechnology bitcoin blockchain brain death cancer cryptocurrency culture Death existential risks extinction future futurism Google health healthspan humanity ideaxme immortality Interstellar Travel ira pastor Life extension lifespan longevity NASA Neuroscience politics reanima regenerage regeneration research risks singularity space sustainability technology transhumanism wellness

Categories